This package provides an implementation in Tcl of the SHA256 and
SHA224 message-digest algorithms as specified by FIPS PUB 180-1
(1). These algorithms take a message and generates a 256-bit
(224-bit) digest from the input. The SHA2 algorithms are related to
the SHA1 algorithm.

This package also includes support for creating keyed
message-digests using the HMAC algorithm from RFC 2104 (3) with
SHA256 as the message-digest.

The command takes a message and returns the SHA256 digest of
this message as a hexadecimal string. You may request the result as
binary data by giving -bin.

The data to be hashed can be specified either as a string
argument to the sha256 command, or as a filename
or a pre-opened channel. If the -filename
argument is given then the file is opened, the data read and hashed
and the file is closed. If the -channel argument
is given then data is read from the channel until the end of file.
The channel is not closed. NOTE use of the channel or
filename options results in the internal use of vwait. To avoid nested event
loops in Tk or tclhttpd applications you should use the incremental
programming API (see below).

Only one of -file, -channel or string should be
given.

If the string to hash can be mistaken for an
option (leading dash "-"), use the option --
before it to terminate option processing and force interpretation
as a string.

Calculate an Hashed Message Authentication digest (HMAC) using
the SHA256 digest algorithm. HMACs are described in RFC 2104 (3)
and provide an SHA256 digest that includes a key. All options other
than -key are as for the ::sha2::sha256 command.

If the string to hash can be mistaken for an
option (leading dash "-"), use the option --
before it to terminate option processing and force interpretation
as a string.

For the programmer, the SHA256 hash can be viewed as a bucket
into which one pours data. When you have finished, you extract a
value that is derived from the data that was poured into the
bucket. The programming interface to the SHA256 hash operates on a
token (equivalent to the bucket). You call SHA256Init to obtain a token and then call SHA256Update as many times as required to add data to the
hash. To release any resources and obtain the hash value, you then
call SHA256Final. An equivalent set of functions
gives you a keyed digest (HMAC).

If you have critcl and have built the tcllibc package then the implementation of the
hashing function will be performed by compiled code. Failing that
there is a pure-tcl equivalent. The programming interface remains
the same in all cases.

Add data to the hash identified by token. Calling
SHA256Update $token "abcd" is equivalent to calling
SHA256Update $token "ab" followed by SHA256Update
$token "cb". See EXAMPLES. Note that this command is used for
both SHA256 and SHA224. Only the initialization and finalization
commands of both hashes differ.

Returns the hash value and releases any resources held by this
token. Once this command completes the token will be invalid. The
result is a binary string of 32/28 bytes representing the 256/224
bit SHA256 / SHA224 digest value.

This document, and the package it describes, will undoubtedly
contain bugs and other problems. Please report such in the category
sha1 of the Tcllib Trackers. Please
also report any ideas for enhancements you may have for either
package and/or documentation.